News

Major security flaw discovered in Thunderbolt-equipped devices

Security Researcher Björn Ruytenberg at Eindhoven University of Technology has exposed a massive hole in the security of all devices that come with a Thunderbolt port. He revealed that using a relatively simple technique dubbed ‘Thunderspy,’ attackers can retrieve data from these computers within five minutes.

What made Thunderbolt such a massive hit within the computer hardware community is the transfer speed it offers its users. These ports can essentially give devices direct access to a computer’s memory, which makes these extremely fast, when compared to the standard Universal Serial Buses. This direct access to memory also makes the computer vulnerable to many potential security breaches. These security breaches, named Thunderclap, were first thought of as avoidable; researchers suggested simply disabling the Thunderbolt, allowing access only to the DisplayPort or the USB-C devices that plug in.

Ruytenberg has since revealed that even with the Thunderbolt disabled, hackers and attackers can gain access to your data by simply having physical access to your device, a screwdriver, and some “easily portable hardware.” Also, the breach itself does not leave any trace, meaning the user would never know that an attack had ever taken place.

Ruytenberg developed a concept he named, “The evil maid attack.” He said, in his statement, that all the attacker (who, in this case is being referred to as the ‘evil maid’) has to do is, “unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access.” He mentioned that all of this could be done in under five minutes.

This whole attack, Ruytenberg said, could cost the attackers as low as $400. Intel recently announced a Thunderbolt security system, the Kernel Direct Memory Access Protection. The protection it offers, however, is only for devices manufactured in 2019 or later, so devices manufactured and sold before that remain unprotected. There are also a list of HP, Dell, and Lenovo devices manufactured in 2019 or later that the system does not work on.

Apple devices equipped with Thunderbolt do, however, remain unaffected unless they are running Boot Camp.

To protect yourself against the attacks, Ruytenberg suggested that users should ensure the physical safety of their devices and avoid leaving their systems unattended in public areas, “while powered on, even if screenlocked.”

Sponsored
Hamnah Khalid

Leave a Comment
Share
Published by
Hamnah Khalid
Tags: Security

Recent Posts

WhatsApp Beta Partners with Google for Innovative Image Search Feature

When it comes to Android messaging apps, WhatsApp stands out as one of the best.…

33 mins ago

Farrukh Sabzwari Appointed as CEO of PSX, Set to Serve for Three Years

Farrukh H. Sabzwari has been appointed Chief Executive Officer (CEO) of Pakistan Stock Exchange Company…

1 hour ago

250 Government Schools to Be Run by Private Sector

RAWALPINDI: The chairman of the Punjab Education Foundation, Malik Shoaib Awan, stated on Monday that…

3 hours ago

Pakistan Launches First National Sex Offenders Register to Combat Sexual Violence

Pakistan has taken a significant step towards addressing sexual violence and abuse with the introduction…

3 hours ago

SBP Chief Reports October Remittances Exceed $3 Billion

KARACHI: The State Bank of Pakistan (SBP) is anticipating $500 million from the Asian Development…

3 hours ago

Sindh Assembly Reveals 28,500 Govt Employees’ Spouses as Illegal BISP Beneficiaries

The Sindh Assembly was informed that over 28,500 employees of the provincial government were unlawfully…

4 hours ago